The US Computer Emergency Response Team (US-Cert) is warning users and
administrators to be on the lookout following the discovery of a malware
outbreak being spread via USB keys.
The rise in attacks was first reported by researchers at Symantec, who noted
that the attacks are taking two principal forms.
The first tactic involves malware which simply copies itself to all storage
devices connected to the infected PC. This tried-and-true method is usually
delivered by way of social engineering, often posing as video or application
files.
The second method uses the Autorun feature in Windows. The malware copies
itself from the infected machine onto a USB drive as 'autorun.inf', allowing the
file to execute automatically and perform a new infection when the drive is
plugged into another system with Autorun enabled.
USB drive attacks use methods as old as the computer virus itself, early
versions of which spread by infecting floppy disks and local networks.
The tactic eventually gave way to web page and email borne attacks, but
Symantec suggested that the increasing use of media players and USB drives is
making the tactic popular once again.
In order to avoid attacks, US-Cert recommends that users and administrators
disable Autorun for connected devices. Symantec also suggests setting policies
which limit the ability of users to connect USB devices unless absolutely
necessary.
Do you agree?
Have your say on this article